News

IT strategy

September 11, 2023 11 Sep'23
UK boardrooms and CISOs increasingly aligned on cyber risks

Board members and CISOs in UK organisations seem to be working together much better, but while this is an encouraging sign, there remain some areas of concern over how the two relate to each other
September 11, 2023 11 Sep'23
Salesforce and Zoom embrace ethical hackers. You should, too

Software companies Salesforce and Zoom discuss their successful bug bounty programmes, what they learned at a recent in-person hackathon in which they participated, and why others shouldn’t be scared of hackers
September 08, 2023 08 Sep'23
KPMG finds growing demand for emerging tech

KPMG’s latest global tech report reveals an increase in the number of businesses adopting emerging technologies
September 08, 2023 08 Sep'23
Deputy PM urges UK plc not to lose focus on cyber

In a speech at TechUK, deputy prime minister Oliver Dowden urges the cyber security community not to lose focus, and to do more to further collaboration across sectors

September 08, 2023 08 Sep'23
North Koreans using new zero-day to target security researchers

A threat actor linked to the North Korean government is continuing a long-running campaign targeting legitimate security researchers, using an as-yet undisclosed zero-day vulnerability to gain access to their victims
September 08, 2023 08 Sep'23
HGS to provide contact centre support for One Login

The partnership between the Government Digital Service and Hinduja Global Solutions will see the supplier provide contact centre services for the digital identity platform
September 07, 2023 07 Sep'23
Honeywell goes quantum to protect utilities from future threats

Honeywell and quantum computing specialist Quantinuum will integrate quantum-hardened encryption keys into future smart meters
September 07, 2023 07 Sep'23
UK and US slap fresh sanctions on Conti ransomware crew

London and Washington DC have imposed sanctions on 11 more members of the cyber criminal gang behind the Conti ransomware attacks
September 07, 2023 07 Sep'23
Government AI taskforce appoints new advisory board members

An initial progress report published by the Taskforce provides detail on new appointments to its external advisory board as well as rebrand to focus on “frontier” artificial intelligence
September 07, 2023 07 Sep'23
Microsoft finds Storm-0558 exploited crash dump to steal signing key

Microsoft has published new information on how the Chinese state threat actor Storm-0558 was able to exploit a rare race condition following a crash dump in order to acquire a consumer signing key

September 07, 2023 07 Sep'23
Singapore taps Lidar and laser scanning in remote building inspections

With the 3D data generated reality capture technologies, detailed inspections can be conducted remotely, eliminating the need for inspectors from technical authorities to be present onsite
September 06, 2023 06 Sep'23
Meet the professional BEC op that targeted Microsoft 365 users for years

The so-called W3LL cyber crime operation ran a phishing empire that has played a large role in compromising Microsoft 365 accounts for years. Its activities are now coming to light thanks to Group-IB researchers
September 06, 2023 06 Sep'23
Okta customers targeted in new wave of social engineering attacks

Authentication specialist Okta has warned customers to be on alert for a campaign of social engineering attacks exploiting highly privileged users
September 05, 2023 05 Sep'23
Executive interview: ManageEngine president Rajesh Ganesan on the ‘three Ws’ of digital change

Today's IT management model must assume that the workforce can operate from any workplace and use any workload with ease and security, as the security and service management software supplier explains
September 05, 2023 05 Sep'23
Researchers find flaw in Mend.io security platform

WithSecure’s research team uncovered an authentication flaw in an application security platform developed by Mend.io, which has now been fixed
September 05, 2023 05 Sep'23
Law firm Fieldfisher launches data breach management tool

UK and European data breach law specialist Fieldfisher has enlisted legal tech specialist Lawcadia to supply a 24-hour data breach notification assessment platform
September 05, 2023 05 Sep'23
Hacked Electoral Commission failed Cyber Essentials audit

The Electoral Commission failed an NCSC Cyber Essentials audit on multiple counts at about the same time as cyber criminals breached its systems in 2021, it has emerged
September 05, 2023 05 Sep'23
Employees missing out on AI training and development

While businesses and employees see the benefit of artificial intelligence in the workplace, people are not being given the training they need
September 05, 2023 05 Sep'23
NCSC names ex-NCC man as new CTO

New NCSC CTO Ollie Whitehouse joins from NCC Group, having also worked at BlackBerry and Symantec
September 05, 2023 05 Sep'23
Plymouth Uni spearheads research into wind farm cyber resilience

Project hosted at the University of Plymouth in Devon aims to develop cyber security measures to protect the UK’s increasingly important offshore wind farm assets
September 04, 2023 04 Sep'23
How startup Once.net and Cloudflare secured the 2023 Eurovision vote

When the Eurovision Song Contest introduced paid-for public voting from outside Europe in 2023, it faced new cyber challenges. Learn how Dutch startup Once.net and Cloudflare teamed up to secure and support the big night
September 01, 2023 01 Sep'23
Police Scotland five-year digital strategy approved

Police Scotland’s new strategy outlines how the force will approach and invest in its digital transformation over the next five years, but notes its ability to achieve its ambitions is subject to the availability of funding
September 01, 2023 01 Sep'23
Threat actors exploiting unpatched Juniper Networks devices

A series of vulnerabilities in Juniper Networks firewalls and switches appear to be being exploited in the wild to enable remote code execution, with thousands of devices thought to be exposed
September 01, 2023 01 Sep'23
Google Cloud eyes bigger market share with AI

Google Cloud CEO Thomas Kurian is confident the company’s generative AI capabilities will enable it to grow faster than the market and narrow the gap with rivals
August 31, 2023 31 Aug'23
Sandworm attacks Ukraine with Infamous Chisel malware

The UK and its allies have attributed a novel malware campaign against Ukrainian state targets to the Russian intelligence-backed Sandworm APT
August 31, 2023 31 Aug'23
Ducktail social media marketing malware rears its head again

Use of the Ducktail infostealer, which first popped up in 2022 targeting Meta Business accounts, seems to be increasing
August 31, 2023 31 Aug'23
Home Office and MoD seeking new facial-recognition tech

The UK’s Defence and Security Accelerator is running a ‘market exploration’ exercise on behalf of the Home Office to identify new facial-recognition capabilities for security and policing bodies in the UK
August 30, 2023 30 Aug'23
Cyber world hails downfall of Qakbot trojan

A multinational law enforcement hacking operation disrupted the botnet infrastructure used to distribute the Qakbot trojan at the weekend, in a major setback for the cyber criminal underworld
August 30, 2023 30 Aug'23
NCSC warns over possible AI prompt injection attacks

The UK’s NCSC says it sees alarming potential for so-called prompt injection attacks driven by the large language models that power AI chatbots
August 29, 2023 29 Aug'23
Zero-day that forced Barracuda users to bin kit was exploited by China

Mandiant has published details of how a Chinese threat actor targeted high-profile users of Barracuda Networks' Email Security Gateway appliances, including government agencies of interest to Beijing's intelligence goals
August 29, 2023 29 Aug'23
Top-performing CISOs reserve time for professional development

Survey of chief information security officers conducted by Gartner sheds light on habits shared by the top-performing members of the profession
August 29, 2023 29 Aug'23
More Aussie apartments to get high-speed fibre

NBN will enter into Area Switch Agreements with corporate bodies to deliver high-speed fibre to some 700,000 apartments across Australia
August 28, 2023 28 Aug'23
India gets ready for new data protection regime

The Digital Personal Data Protection Act will shape the way businesses collect, secure and use personal data as India looks to protect data privacy while driving innovation and economic growth
August 24, 2023 24 Aug'23
Google bets on AI-backed cyber controls for Workspace users

Zero-trust and digital sovereignty controls are the focus of a series of enhancements being made for Google Workspace users
August 23, 2023 23 Aug'23
Inside Micron Singapore’s sustainability journey

The chipmaker has been doubling down on sustainability efforts in Singapore by tapping solar power, recycling water and waste, as well as treating greenhouse gases, in a bid to achieve net zero by 2050
August 23, 2023 23 Aug'23
St Helens Council in Merseyside hit by ransomware attack

St Helens Borough Council is investigating a suspected ransomware incident targeting its systems, and is advising residents to be on the alert for follow-on phishing attacks
August 23, 2023 23 Aug'23
Cyber attacks in 2023 develop quicker as average dwell times plummet

The median attacker dwell time shrunk from 10 to eight days in the first seven months of 2023, and in the case of ransomware attacks it is down to just five days
August 23, 2023 23 Aug'23
Innovative UK SMEs spend half of turnover on tech

UK SMEs are increasing spending on technology, with dedicated IT teams set up to enable them to keep pace with tech change
August 22, 2023 22 Aug'23
Clop’s MOVEit attacks drive ransomware volumes to record high

Such has been the scope of Clop’s activity since May that ransomware attack volumes have more than doubled year on year, according to the latest data
August 21, 2023 21 Aug'23
Red Hat CEO on AI moves and source code kerfuffle

Matt Hicks talks up Red Hat’s efforts to support generative AI adoption through OpenShift AI and weighs in on the issues surrounding the company’s decision to limit access to RHEL source code
August 21, 2023 21 Aug'23
Simplyblock targets ‘complex’ Ceph with software-defined NVMe

German startup Simplyblock aims to deliver low-cost high-performance flash and NVMe-over-TCP storage for service provider customers, and has Ceph deployments in its sights
August 21, 2023 21 Aug'23
Cyber attack on Aussie energy services firm may hit UK CNI

Energy One, an Australia-based supplier of tech services to the energy sector, is investigating the possibility that some UK customers may have been caught up in an ongoing cyber attack on its systems
August 21, 2023 21 Aug'23
Cyber Explorers programme reaches 50,000 11-14 year olds in 18 months

The government-backed Cyber Explorers programme has reached 50,000 students in its first 18 months, and more schools are being invited to sign up for the Autumn Term
August 18, 2023 18 Aug'23
MongoDB secures IRAP certification

MongoDB’s certification from Australia’s Information Security Registered Assessor Program will pave the way for federal government agencies to use its Atlas database service for protected workloads
August 17, 2023 17 Aug'23
Researchers demo fake airplane mode exploit that tricks iPhone users

Exploit chain that tricks a victim into believing their iOS device is offline in airplane mode when it is not could open the door to grave privacy concerns
August 17, 2023 17 Aug'23
Top marks for graduates of CIISec vocational cyber course

132 young people who sat the UK’s first Extended Project Qualification in Cyber Security have received their results today
August 16, 2023 16 Aug'23
NCSC expands Cyber Incident Response service more widely

The NCSC has added a level to its CIR programme to enable more cyber attack victims to take advantage of the service, which offers access to assured incident response specialists
August 16, 2023 16 Aug'23
ITAM influence on cyber risk becoming a factor in credit ratings

Credit agency S&P Global Ratings warns that organisations that pay inadequate attention to IT asset management as a factor in their cyber risk management processes may find their creditworthiness takes a dive
August 15, 2023 15 Aug'23
Nutanix GPT-in-a-Box aims hyper-converged at AI/ML use cases

Nutanix targets a pre-configured bundle of AI/ML and GPT software with hyper-converged infrastructure and GPT to help organisations safely take advantage of learning networks
August 15, 2023 15 Aug'23
Online safety message failing to get through to women

The security community could be doing a lot more to make its advice and guidance more accessible to women, according to a study